Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts


Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.

Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.

ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Riltok mobile Trojan: A banker with global reach

    June 25, 2019

    Riltok is one of numerous families of mobile banking Trojans with standard (for such malware) functions and distribution methods. Originally intended to target the Russian audience, the banker was later adapted, with minimal modifications, for the European “market.” The bulk of its victims (more than 90%) reside in Russia, with France in second place (4%). ...

  • Anonymous hacker exposed after dropping USB drive while throwing Molotov cocktail

    June 24, 2019

    In a bizarre investigation, Belgium police have identified a member of the Anonymous Belgium hacker collective while investigating an arson case at a local bank. The perpetrator, a 35-year-old man from the Belgian city of Roeselare, was initially arrested after throwing a Molotov cocktail at the Crelan Bank office in Rumbeke, a suburb of Roeselare, back ...

  • Consumers Urged to Junk Insecure IoT Devices

    June 18, 2019

    More than 2 million connected security cameras, baby monitors and other IoT devices have serious vulnerabilities that have been publicly disclosed for more than two months – yet they are still without a patch or even any vendor response. Security researcher Paul Marrapese, who disclosed the flaws in April and has yet to hear back from any impacted ...

  • Mobile Cyberespionage Campaign ‘Bouncing Golf’ Affects Middle East

    June 18, 2019

    We uncovered a cyberespionage campaign targeting Middle Eastern countries. We named this campaign “Bouncing Golf” based on the malware’s code in the package named “golf.” The malware involved, which Trend Micro detects as  AndroidOS_GolfSpy.HRX, is notable for its wide range of cyberespionage capabilities. Malicious codes are embedded in apps that the operators repackaged from legitimate ...

  • Plurox: Modular backdoor

    June 18, 2019

    In February this year, a curious backdoor passed across our virtual desk. The analysis showed the malware to have a few quite unpleasant features. It can spread itself over a local network via an exploit, provide access to the attacked network, and install miners and other malicious software on victim computers. What’s more, the backdoor ...

  • Houdini malware targets victims with keylogger, online bank account theft tools

    June 17, 2019

    A new variant of the Houdini malware has been detected in campaigns against financial institutions and their customers. Last week, cybersecurity researchers from Cofense said in a blog post that the new strain of Houdini — also known as HWorm — was released by its author on June 2, 2019. Dubbed WSH Remote Access Tool (RAT), it took the ...